1. ÓÃResponse.Write·½·¨
¡¡¡¡´úÂëÈçÏ£º
Response.Write("<script type='text/javascript'>alert("XXX");</script>");
´Ë·½·¨È±ÏݾÍÊDz»Äܵ÷Óýű¾ÎļþÖеÄ×Ô¶¨ÒåµÄº¯Êý£¬Ö»Äܵ÷ÓÃÄÚ²¿º¯Êý£¬¾ßÌåµ÷ÓÃ×Ô¶¨ÒåµÄº¯ÊýÖ»ÄÜÔÚResponse.WriteдÉϺ¯Êý¶¨ Ò壬±ÈÈç
Response.Write("<script type='text/javascript'>function myfun(){}</script>");
2.ÓÃClientScriptÀà
¡¡¡¡´úÂëÈçÏ£ºÔÚÏëµ÷ÓÃij¸öjavascript½Å±¾º¯ÊýµÄµØ·½Ìí¼Ó´úÂ룬עÒâÒª±£Ö¤MyFunÒѾÔڽű¾ÎļþÖж¨Òå¹ýÁË¡£
ClientScript.RegisterStartupScript(ClientScript.GetType(), "myscript", "<script>MyFun();</script>");
¡¡¡¡Õâ¸ö·½·¨±ÈResponse.Write¸ü·½±ãһЩ£¬¿ÉÒÔÖ±½Óµ÷Óýű¾ÎļþÖеÄ×Ô¶¨Ò庯Êý¡£
3.ÆÕͨµÄÌí¼Ó¿Ø¼þµÄAttributesÊôÐÔ
¡¡¡¡¶ÔÓÚÆÕͨ°´Å¥¾ÍÊÇ£ºButton1.Attributes.Add("onclick","MyFun();");
¡¡¡¡Ö»ÄÜÔÚOnloadÖлòÀàËÆÓÚonloadµÄ³õʼ»¯¹ý³ÌÖÐÌí¼Ó²ÅÓÐЧ¡£¶øÇÒÊÇÏÈÖ´Ðнű¾º¯Êý£¬ÎÞ·¨¸Ä±äÖ´ÐÐ˳Ðò¡£
×¢Ò⣬ÒÔÉÏËùÓз½·¨ÖУ¬ºǫ́´úÂ붼²»ÄÜÓÐת»¯µ±Ç°Ò³µÄ´úÂ룬±ÈÈçRedirectµÈ£¬Òª°Ñתҳ´úÂë·ÅÔڽű¾ÀïÃæ
ASP.NET ÌṩÈýÖÖÓÃÓÚÔÚ³öÏÖ´íÎóʱ²¶»ñºÍÏìÓ¦´íÎóµÄÖ÷Òª·½·¨£ºPage_Error ʼþ¡¢Application_Error ʼþÒÔ¼°Ó¦ÓóÌÐòÅäÖÃÎļþ (Web.config)¡£
Èç¹ûÄú²»µ÷Óà Server.ClearError »òÕß²¶»ñ Page_Error »ò Application_Error ʼþÖеĴíÎó£¬Ôò½«¸ù¾Ý Web.config ÎļþµÄ <customErrors> ²¿·ÖÖеÄÉèÖô¦Àí´íÎó¡£ÔÚ & ......
1.Á¬½ÓÊý¾Ý¿âÎļþ
<add name="LocalSqlServer" connectionString="Data Source=.\SQLExpress;Integrated Security=True;AttachDBFilename=|DataDirectory|TimeTracker.mdf;User Instance=true" />
SqlConnectionStringBuilderʵÀý»¯Ê±£¬ÒªÓõ½connectionString£¬È磺SqlConnectionStringBuild builder = new SqlC ......
ͨ¹ýAsp.net(C#)Ó¦ÓóÌÐò¶ÁÈ¡±¾µØÉÏ´«µÄExcleÎļþ,´æ·Åµ½DataSetÖÐ,ͨ¹ýDataSetÖеķ½·¨Ö±½ÓÉú³ÉXMLÎļþ.
C# Code
if (this.FileUpload1.PostedFile != null)
{
string filename = this.FileUpl ......
